CISA Identifies Actively Exploited Vulnerabilities in SolarWinds, Ivanti, and Workspace One

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three security vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog due to evidence of active exploitation. Among these is CVE-2021-22054, a server-side request forgery (SSRF) vulnerability in Omnissa Workspace One UEM, which has a CVSS score of 7.5. Organizations using affected systems are urged to take immediate action to mitigate potential threats.

Want More Context? 🔎